The Claroty Blog

Claroty Continuous Threat Detection (CTD) Meets the Cloud

Benny Porat, Ph.D. | Chief Product Officer

At Claroty, we pride ourselves on staying ahead of the innovation curve. We don’t just innovate for innovation’s sake; we innovate with a purpose. Every new feature or product release is inextricably linked to our mission of protecting the world’s most critical infrastructure.

We also recognize that OT and IoT security products are still new to most organizations and the only way to truly protect the world’s most critical infrastructure is to reduce barriers to adoption.

We’re thrilled, therefore, to announce that Claroty is taking a huge step towards easing adoption by embracing the cloud. Effective today, Continuous Threat Detection (CTD) Version 3.9 is available on a limited basis not only via our existing deployment formats, but also with a public or private cloud option.

The cloud delivers extraordinary value to Claroty’s customers. Not only does it deliver frictionless deployments, real-time updates, and reduced total cost of ownership (TCO), but it also fundamentally transforms the user experience. 

Let’s explore how the cloud enhances two of CTD’s industry-leading features:

Cloud + Claroty Threat Intelligence (CTI)

The value of threat intelligence decreases with every passing second, which is why speed and precision matter. The cloud correlates behaviors across all connected customers, detecting industry-specific threats, tactics, and trends as they evolve. By aggregating and analyzing anonymized customer data, CTD blends vendor-agnostic visibility with real-time, actionable threat intelligence, including updates to YARA signatures, Snort rules, vulnerabilities, and other proprietary indicators of compromise sourced from Team82 (Claroty’s research arm). Instead of waiting for a version upgrade or the next update, CTD continuously pushes adaptive information, including data enrichment and the latest threat intelligence, to our customers' Enterprise Management Consoles (EMC) via a secure SSL channel.

Cloud + Virtual Zones+

Claroty’s Virtual Zones+ leverages CTD's deep packet inspection engine to transform complex OT and IoT communications into an intuitive, user-friendly view. It automatically groups together and visualizes network assets with similar behaviors and attributes. Once grouped, CTD identifies the relationship between the logical groups and automatically generates granular communication policies. The policies assign permission levels to each zone, along with a specific level of trust to help end users understand the risk posed by every logical connection between the zones. 

Enter the cloud...

The cloud completely revolutionizes this visualization by crowdsourcing data from Claroty’s customer base. System users can benchmark their existing assets' communications and the policies governing them against those of Claroty's other customers with similar cloud-based deployments. Instead of combing through hundreds of communication patterns looking for misconfigurations or manually assigning permission levels, Claroty customers benefit from a real-time cloud-based reputational awareness engine feeding information directly from the field. The database is continuously populated with anonymized customer policy rules, delivering a reputation that describes the recurrence rate of a specific rule among other cloud policies. If a particular baseline or policy is common or universal across CTD’s monitored sites, our customers will know about it. Likewise, the same is true if it is rare or unusual.

It goes without saying that protecting the confidentiality of our customers' data is our top priority, which is why CTD version 3.9 includes best-in-class security and privacy standards, including GDPR compliance. Data shared with the cloud is secured in transit and at rest, and fully scrubbed of identifying information to preserve our customers’ anonymity.

While CTD version 3.9 is a Limited Availability release, it is a precursor to a major General Availability (GA) announcement coming later in the year. Stay tuned for more exciting updates and, as always, contact us for a demo of these new features!

 

 
